Bug 1733078

Summary: [ovirt-engine-extension-aaa-ldap-setup] dig command usage does not allow for tcp fallback
Product: [oVirt] ovirt-engine-extension-aaa-ldap Reporter: Klaas Demter <klaas>
Component: SetupAssignee: Martin Perina <mperina>
Status: CLOSED DUPLICATE QA Contact: Lukas Svaty <lsvaty>
Severity: medium Docs Contact:
Priority: unspecified    
Version: masterCC: bugs
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1733111 (view as bug list) Environment:
Last Closed: 2019-07-25 10:34:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1733111    

Description Klaas Demter 2019-07-25 07:30:25 UTC 
Description of problem:
our ad forest _ldap._tcp.gc._msdcs.<forest> has too many entries for a udp lookup. That means dig returns nothing and setup fails. Problem is here:
https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/8208f97c86b421327c63564942332f2b4f0ddd1b/setup/plugins/ovirt-engine-extension-aaa-ldap/ldap/common.py#L152

+ignore means no fallback to tcp for answers that are too long for udp


Version-Release number of selected component (if applicable):


How reproducible:
Have a srv record that is too long for udp and run ovirt-engine-extension-aaa-ldap-setup


Actual results:
[ ERROR ] Failed to execute stage 'Environment customization': Active Directory forest is not resolvable, please make sure you've entered correct forest name. If for some reason you can't use forest and you need some special configuration instead, please refer to examples directory provided by ovirt-engine-extension-aaa-ldap package.


Expected results:
working ad setup


Additional info:
Support Case 02433928
Comment 1 Klaas Demter 2019-07-25 08:27:33 UTC 
If I remove the +ignore it seems to work.
Comment 2 Martin Perina 2019-07-25 10:34:17 UTC 
No need to have both upstream and downstream bugs

*** This bug has been marked as a duplicate of bug 1733111 ***